don't overload crypto init with cipher selection and key derivation - warp-vpn

commit 955660f7641a787e8267d1c10a3c7bf8dde8a376
parent 3a4abce01b6b65c517445f8d1baa5a2e5e19bf66
Author: sin <sin@2f30.org>
Date:   Thu, 14 Apr 2016 00:17:41 +0100

don't overload crypto init with cipher selection and key derivation

Diffstat:
M crypto.c  | 8 +++-----
M stun.c  | 4 +++-
M stun.h  | 4 +++-

3 files changed, 9 insertions(+), 7 deletions(-)
diff --git a/crypto.c b/crypto.c
@@ -8,7 +8,7 @@ static EVP_AEAD_CTX ectx, dctx;
 static const EVP_AEAD *aead;
 static unsigned char key[EVP_MAX_KEY_LENGTH];
 
-static void
+void
 setcipher(char *name)
 {
 	struct {
@@ -33,7 +33,7 @@ setcipher(char *name)
 	logerr("unknown cipher: %s", name);
 }
 
-static void
+void
 derivekey(char *pw)
 {
 	if (!PKCS5_PBKDF2_HMAC_SHA1(pw, strlen(pw), NULL, 0, NROUNDS,
@@ -42,10 +42,8 @@ derivekey(char *pw)
 }
 
 void
-cryptoinit(char *cipher, char *pw)
+cryptoinit(void)
 {
-	setcipher(cipher);
-	derivekey(pw);
 	if (!EVP_AEAD_CTX_init(&ectx, aead, key, EVP_AEAD_key_length(aead),
 	                       EVP_AEAD_DEFAULT_TAG_LENGTH, NULL) ||
 	    !EVP_AEAD_CTX_init(&dctx, aead, key, EVP_AEAD_key_length(aead),
diff --git a/stun.c b/stun.c
@@ -127,7 +127,9 @@ main(int argc, char *argv[])
 	/* initialize crypto engine */
 	if (!(pw = getenv("STUNPW")))
 		logerr("STUNPW is not set");
-	cryptoinit(cipher, pw);
+	setcipher(cipher);
+	derivekey(pw);
+	cryptoinit();
 	memset(pw, 0, strlen(pw));
 
 	/* initialize networking engine */
diff --git a/stun.h b/stun.h
@@ -35,7 +35,9 @@ int response(int);
 int clientconnect(char *, char *);
 
 /* crypto.c */
-void cryptoinit(char *, char *);
+void setcipher(char *);
+void derivekey(char *);
+void cryptoinit(void);
 size_t cryptononcelen(void);
 size_t cryptotaglen(void);
 int cryptoseal(unsigned char *, size_t *, size_t, const unsigned char *,

	warp-vpn point to point VPN implementation
	git clone git://git.2f30.org/warp-vpn
	Log \| Files \| Refs \| README